package com.vrv.vap.server.config;

import com.vrv.vap.oauth2.config.DefaultResourceServerConf;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;

/**
 * @author wh1107066
 * @date 2021/6/25 7:50
 */
@Configuration
@EnableResourceServer
public class VapResourceServerConfiguration extends DefaultResourceServerConf {
   @Override
    public HttpSecurity setAuthenticate(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl authorizedUrl) {
        return authorizedUrl.access("@permissionService.hasPermission(request, authentication)").and();
    }
}
